RHSA-2026:26257HighCVSS 8.8
Red Hat Security Advisory: Assisted Installer RHEL 8 components for Multicluster Engine for Kubernetes 2.8.8
🔗 CVE IDs covered (2)
📋 Description
CVE-2025-58058 — github.com/ulikunitz/xz: github.com/ulikunitz/xz leaks memory CVE-2026-39883 — github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Arbitrary code execution via PATH hijacking on BSD/Solaris
🔗 References (5)
- selfhttps://access.redhat.com/errata/RHSA-2026:26257
- externalhttps://access.redhat.com/security/cve/CVE-2025-58058
- externalhttps://access.redhat.com/security/cve/CVE-2026-39883
- externalhttps://access.redhat.com/security/updates/classification/
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26257.json